It’s tempting to store your passwords in a browser to make life a bit easier, but it’s a dangerous practice — and UAB offers a safe alternative.
Keeper is a free password manager for faculty, staff and students. Keeper stores your passwords in their encrypted vault. It also has a browser plugin (protected by your master password and two-factor authentication) which overcomes your need to store passwords in your browser.
“Storing a password in a browser unsafe because tools such as password stealers, malicious browser extensions and other malware have the ability to read and capture the passwords stored in your browser,” said Rob Ferrill, assistant vice president and chief information security officer for UAB. “There are also malicious scripts on certain sites (mainly in advertising) that can read the character input by your autofill feature.
Once you have Keeper installed and begin using it, you’ll want to go back and remove all those passwords stored in your browser. This article offers a guide to removing passwords from each browser. You’ll also want to turn off the “autofill” setting for other things you don’t want stored in the browser (e.g. payment card information).
Contact AskIT if you need help with Keeper or other security measures.